Host Based Systems Analyst with Security Clearance

STI is seeking a Host Based Systems Analyst to perform investigations to develop a preliminary diagnosis of the severity of breaches. Provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. STI provides front-line response for digital forensics/incident response (DFIR) and proactively hunts for malicious cyber activity. Responsibilities: * Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations * Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary * Writing in-depth reports, supporting with peer reviews, and providing quality assurance reviews for junior personnel * Supporting forensic analysis and mentoring/guiding others on data collection, analysis, and reporting in support of onsite engagements. * Assisting with leading and coordinating forensic teams in preliminary investigation * Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence * Distilling analytic findings into executive summaries and in-depth technical reports * Serving as technical forensics liaison to stakeholders and explaining investigation details, including forensic methodologies and protocols * Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement * Evaluating, extracting, and analyzing suspected malicious code * Host-Based Systems Analyst 10 years of network investigations experience. Required Skills: - U.S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability - Directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools - Ability to create forensically sound duplicates of evidence (forensic images) - Able to write cyber investigative reports documenting digital forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handling procedures and chain of custody protocols - Skilled in identifying different classes of attacks and attack stages - Knowledge of system and application security threats and vulnerabilities - Knowledgeable in proactive analysis of systems and networks, including creating trust levels of critical resources - Must be able to work collaboratively across physical locations. Desired Skills; - Experience with or knowledge of two or more of the following tools: - EnCase - FTK - SIFT - X-Ways - Volatility - WireShark - Sleuth Kit/Autopsy - Splunk - Snort - Other EDR Tools (Crowdstrike, Carbon Black, Etc) - Proficiency with conducting all-source research. Required Education: BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and host or digital forensics experience One of the Desired Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CISSP

Location: Arlington, Virginia, US

Posted Date: 8/21/2025